Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e

  • Size

    1.3MB

  • Sample

    221101-rdjfsscea7

  • MD5

    6b6e4151d3dd97836d5931e67999e572

  • SHA1

    7e66cff0433407fc3fca3a88b34db27d9ba5aaf9

  • SHA256

    d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e

  • SHA512

    dce6a303eb07cff922171449836b27fdd66283a9fefe08926e7d2dead0a5f907f8e334135fe2d49388411ac662e24d46619a671fe34c11192ae6430d0d998190

  • SSDEEP

    24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score
10/10

Malware Config

Targets

    • Target

      d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e

    • Size

      1.3MB

    • MD5

      6b6e4151d3dd97836d5931e67999e572

    • SHA1

      7e66cff0433407fc3fca3a88b34db27d9ba5aaf9

    • SHA256

      d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e

    • SHA512

      dce6a303eb07cff922171449836b27fdd66283a9fefe08926e7d2dead0a5f907f8e334135fe2d49388411ac662e24d46619a671fe34c11192ae6430d0d998190

    • SSDEEP

      24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

    Score
    10/10
    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks